GIAC Certified Incident Handler (GCIH) — Question 47

An attacker has determined a web application is running the SQL command shown below. What could she enter for VALUE to get a list of all email addresses in the employee table and avoid syntax errors? select email from employee where name = `˜[VALUE]';

Answer options

• A. ' or 1=1;--
• B. ' or select email from employee
• C. or select email from employee
• D. or 1=1

Correct answer: D

Explanation

The correct answer is D because 'or 1=1' is a valid condition that always evaluates to true, allowing the query to return all email addresses. Option A is incorrect as the use of ';--' can terminate the query and may lead to syntax issues. Option B is invalid due to improper syntax, and option C lacks the necessary quotes to form a valid SQL string.